EXPRESS MAIL LABEL NO.: EL295373155US 1 
DATE OF DEPOSIT: JUNE 8, 1999 J 

1 REPRESENTING, CONFIGURING, ADMINISTERING, 

2 MONITORING, AND/OR MODELING CONNECTIONS USING 

3 CATALOGS AND MATRIXES 

4 CROSS REFERENCE 

5 This invention application is cross referenced with 

6 Docket Number Y0999-272, entitled, "DISPLAYING, 

7 ORGANIZING AND EMPLOYING EMBEDDED INFORMATION," by 

8 Louis Herzberg et al., even-dated herewith, and is 

9 incorporated herein by reference in entirety. 

10 FIELD OF THE INVENTION 

11 This invention relates to the field of network 

12 connection. More particularly, the invention relates to 

13 user interface and representation of connectivity. 

14 BACKGROUND OF INVENTION 

15 This invention addresses the problem of intuitively 

16 representing and managing large data stores of 

17 information relating to network configuration, 

18 connectivity, resource utilization, connection 

19 management and service availability. Although this 

20 problem is particularly relevant in computer 

21 controlled communications networks, it is also 

22 prevalent in other types of networks which require 
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1 specified interconnectivity of a large multiplicity of 

2 network elements. Network administrators lack intuitive 





3 


tools to retrieve and view status of network elements 




4 


organized in a number of different formats, such as by 




5 


user, by host, by connection type etc. The 




6 


administrators also need simple means of querying, 




7 


adding and deleting information from the store. 




8 


Broadly speaking, there are two general methods of 




9 


confiaurina. administerincr , monitorincr modelincr 




10 


networks: graphical and non - graphical . This invention 




11 


defines a method of using a non-graphical intuitive 




12 


method for organizing information using "catalogs" (or 




13 


lists) , methods for creation and manipulation of 


1 a ij 

1 y> 


14 


elements within catalogs, methods for presentation of 




15 


catalogs, manipulation of catalogs and linking of 




16 


tasks to catalog elements. 


IB 


17 


In networks with more than a few connections between 


:=3T 

sTI 


18 


network elements, graphical methods that show 


: : 


19 


connections among network elements as visible lines 




20 


are hampered by the size of display area required to 




21 


show the connections in a useful way. This method is 




22 


also limited in the amount and type of information 




23 


about the connection and network elements that can be 




24 


shown. Practically, with more than a few 10s of 




25 


connections, the number of lines becomes so large that 




26 


a graphical display (either on screen or on paper) 




27 


becomes too cluttered to be useful. Figure 1 shows an 




28 


example of a network 100 having ten elements, 101-110, 




29 


which are mesh connected. No additional information 




30 


(such as type of link, link status, traffic load, 
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• m 

1 configuration options , etc.) beyond connectivity among 

2 elements is shown in the figure. Even with only this 

3 one piece of information, the graphical image is 

4 beginning to become unusable. Thus a better method of 

5 representing connections between network elements is 

6 needed. 

7 The following are definitions of terms as used herein: 

8 Network Element - the start or end point of a 

9 connection. 

q 10 Sub -element - element that is a member of a 

;3 11 catalog that is itself an element in a catalog. 

;n 

m 

H 12 Catalog - a named set of elements. The catalog 

2 13 elements can be atomic or can themselves be a 

m 14 catalog, thus enabling catalogs of catalogs of 

L. 15 catalogs and so on. 

Q 16 Sub -catalog - A catalog included in another 

^ 17 catalog. 

18 SUMMARY O F I N VE NTION: 

19 It is therefore an aspect of the present invention to 

20 present a method, apparatus and architecture for the 

21 representation visualization, manipulation, 

22 administration, monitoring and modeling of connections 

23 between elements of a network. 

3 
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1 The invention includes catalogs of elements and the 

2 manipulation of elements and/or catalogs, matrix 

3 display and/or representation of catalogs and 

4 manipulation of the matrix. 

5 Aspects of this invention include: 

6 the ability to represent, in a practical method, a 

7 large plurality of connections; 

8 the ability to configure the connections; 

9 the ability to abstract different level or views of 

10 the network; 

11 the ability to show information about the 

12 connections organized on the basis of different 

13 parameters; 

14 the ability to monitor, execute problem 

15 determination tasks and tune the connections; and 

16 the ability to use the same information 

17 model/connection representation as input to modeling 

18 tools. 

19 Another aspect of this invention is the ability to use 

20 a common view of the network for configuration, 

21 monitoring, problem determination, tuning, modeling, 

22 etc. 
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1 These and other objects are provided in a connection 

2 representation scheme wherein a connection matrix is 

3 employed. Other objects, and a better understanding of 

4 the invention may be realized by referring to the 

5 Detailed Description. 



6 BRIEF DESCRIPTION OF THE DRAWINGS 

7 These and other objects, features, and advantages of 

8 the present invention will become apparent upon further 

9 consideration of the following detailed description of 
Q 10 the invention when read in conjunction with the drawing 
ft 11 figures, in which: 

1U 

^ 12 Fig. 1 shows a graphical representation of 10 network 

q 13 elements mesh connected; 

14 Fig. 2 illustrates an example of a High-level flow of 

m 15 method; 



16 Fig. 3 shows a matrix with Catalog "123" versus Catalog 

17 "ABC" with one connection identified; 

18 Fig. 4 shows a matrix with multiple connections at the 

19 same intersection identified; 

20 Fig. 5 shows an expansion of a Catalog Element; 

21 Fig. 6 shows an expansion of a Catalog Element that is 

22 in itself a Catalog; 
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1 Fig. 7 shows an example of input/output block for a 

2 connection identified by the intersection of catalog 

3 elements; 

4 Fig. 8 shows an example of steps for configuring a 

5 network; 

6 Fig. 9 shows an example of steps for changing a 

7 connection; 

8 Fig. 10 shows an example of a matrix of connections 

9 showing possible monitoring method; 

10 Fig. 11 shows an example of a matrix of connections 

! %J 11 showing possible problem determination and tuning 

12 method; 



ii i 



13 Fig. 12 shows an example of steps for modeling a 

14 network; and 

15 Fig. 13 shows an example of a matrix with catalogs with 

16 one intersection identified. 



17 DETAILED DESCRIPTION OF THE INVENTION 

18 This invention provides methods, apparatus and computer 

19 related articles for connection representation used for 

20 configuration, administration, monitoring, modeling 

21 etc. In a prime use of this invention the connections 
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1 


are logical connections/ often referred to as overlay- 




2 


networks. For example, it provides input/output 




3 


modeling in a network -wide view of network elements for 




4 


VPNs , QoS overlay networks, etc. This invention can 




5 


also be used on other overlay networks such as VLANs. 




6 


The connections are not required to be logical but can 




7 


be physical as well; i.e., this invention can also be 




8 


used in the context of non- overlay networks, e.g. for 




9 


showing the physical connectivity between network 




10 


elements . 




11 


An example embodiment of a method to implement the 




12 


invention is shown in Figure 2. In 210, catalogs are 




13 


formed. In 220, the matrix is created and displayed. In 


111 


14 


230 a connection representation between pairs of 


g 


15 


elements in the catalog is formed. From this connection 




16 


information, actions may be taken within the network to 


113 


17 


cause the network to instantiate the connections that 




18 


are defined in 230. The network administrator uses the 




19 


matrix created in 230 as a basis for monitoring 240, 




20 


problem determination 250, tuning 260 and/or modeling 


': : 5 


21 


270, etc. 


*D 


22 


It is advantageous to form catalogs of elements 




23 


considered for interconnection by themselves. Thus, 




24 


each instance of an object class or type is in a list 




25 


or catalog. There can be multiple catalogs of the same 




26 


object class. For example, in the object class of 




27 


routers, one catalog includes all routers on the west 




28 


coast, and a separate catalog includes all routers in 




29 


the east cost. Catalog elements are manipulated such 




30 


that a new catalog is created from the intersection or 
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union of existing catalogs. Elements can be ordered, 
added, moved and deleted from one or more catalogs. 
Examples of object classes (the type of catalogs) 
include one or more of the following: 

• Endpoint catalog - which includes a set of 
endpoint elements that can connect to other end 
point elements . 

• QoS catalog - which includes the types of (Quality 
of Service) QoS that are available, e.g. 
guaranteed latency, guaranteed bandwidth, best 
effort, etc. 

• Tunnel catalog - which includes the types of IPSec 
tunnels that are available, e.g. weak tunnel, 
normal secure tunnel, extremely secure tunnel, 
etc. 

• Encryption methods . catalog - which includes the 
types of encryption that are available, e.g. DES, 
3DES, RC4, blowfish, etc. 

• Validity catalog which includes the times that the 
connection is valid, e.g., normal business hours, 
not first shift, Saturdays 10 to 11 AM, etc. 

• Action catalog - which includes the type of 
actions that a user can do, e.g. halt traffic 
between the endpoints, cause an IPSec key exchange 
to occur immediately, update the monitoring 
information, etc. 

• Traffic Loading catalog - which includes the 
network traffic characteristics (e.g. frame size 
distribution, frame transmission distribution) for 
use as loading input to a network model. 
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1 


Catalogs may be hierarchical such that the definition 




2 


of an element in a "hicrher" level catalocr mav be 




3 


created from and/or with elements of "lower" level 




4 


catalogs. For example, in creating the tunnel catalog. 




5 


one can select elements from a type of encryption 




6 


catalog, a validity time period catalog, etc. This 




7 


hierarchical construct allows multiple levels of 




8 


abstraction. 




9 


The catalogs are advantageously displayed using a 




10 


. matrix method. An example embodiment creates a 


1 E 


11 


catalog/element matrix with the elements of one or more 




12 


catalogs along row and column edges of the matrix. The 




13 


intersection of the elements in the matrix form a cell 




14 


(or block) which is useful to define actual or 


d 


15 


potential connectivity. By manipulation of the elements 


sii 


16 


in the catalog, the network administrator determines 




17 


which sets of catalog elements are shown. This provides 




18 

1 O 
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J— C 


19 


It is also a method of abstraction because catalog 


: : s 


20 


elements can themselves be catalogs. Figure 3 shows a 




21 


representative GUI, 300, showing the catalog matrix 




22 


with the "ABC" catalog, 310 and the "123" catalog, 320, 




23 


with the intersection, 330, of element 4 and element d 




24 


identified. 




25 


An embodiment creates directionality (simplex 




26 


connections) either within an intersection cell or by 




27 


the positional construct of one catalog's elements (say 




28 


the one displayed on the vertical axis) to the other 




29 


catalog's elements (say the one displayed on the 
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horizontal axis) in that single direction only. For 
example, in Figure 3, intersection (D,4), 330, has a 
connection directed from Endpoint D, 314, to Endpoint 
4, 324, but not a connection directed from Endpoint 4 
to Endpoint D. 

If the intersection cell represents duplex connections, 
the intersection exists twice in the matrix as 
intersection (D,4) and intersection (4,D) . In some 
embodiments the duplex intersection cells are shown as 
mirror images of each other. Sometimes the intersection 
cell connection in one direction is shown shaded gray, 
while the connection in the other direction is shown 
unshaded. 

Multiple connections between the same endpoints are 
created within the intersection block by logically 
"stacking" the intersection blocks. For example, for 
each connection (either simplex and/or duplex) a block 
is created. Each block represents a particular logical 
connection. Thus, a matrix with three dimensional (3-D) 
towers is created. Three connections, 401-403, between 
the same endpoints are shown in the common intersecting 
cell 410 in Figure 4. 

In a GUI implementation, multiple connections are 
advantageously shown by either a 3-D method, as 
illustrated in Figure 4, item 410, or by a graphic 
within the cell indicating that there are additional 
blocks "under" the currently visible block. 
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1 


For simplicity in illustrating the concepts of the 




2 


present invention, only one duplex connection is shown 




3 


between endpoints in the figures that follow. However, 




4 


those familiar with the art can easily implement the 




5 


concepts using other beneficial implementations for 




6 


single, duplex and/or multiple connections. 




7 


It is noted that the elements along a matrix axis can 




8 


be members of more than one catalog, and/or more than 




9 


one catalog can be displayed on each axis of the 




10 


matrix. Generally, both catalogs of elements, and 




11 


elements that are not in and of themselves catalogs may 


n 


12 


be displayed simultaneously on an axis. Additionally, 


lli 


13 


it should be realized that the same catalog or set of 


HI 


14 


catalogs or elements can be display on both axes. When 




15 


this occurs and connectivity is assumed for all matrix 




16 


intersections, a mesh connected network results. 




17 


A star connected network results when a catalog having 


U ' 


18 


multiple elements (or even other catalogs) is assigned 


! 3 


19 


to one axis, a single element is assigned to the other 




20 


axis, and connectivity is assumed for all matrix 




21 


intersection cells. 




22 


The matrix display of catalogs is extended beyond the 




23 


concept of using the intersection of catalog elements, 




24 


to the concept of using each catalog element itself. In 




25 


the example that follows, the catalogs contain routers, 




26 


or network elements, that proxy or act as a gateway for 




27 


sets of network elements located "behind" the router. 
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1 Figure 5 shows a case which uses matrix, 300, when the 

2 user selects ("clicks on") a catalog axis element/ 510. 

3 In this situation, information about the constitution 

4 of the catalog element is displayed, 520. 

5 This approach is extended to elements of a catalog that 

6 are in and of themselves a catalog. In this situation 

7 catalog/elements are embedded within other 

8 catalog/elements. Figure 6, shows a case using matrix 

9 300, wherein one selects element, 510, and obtains that 

10 which constitutes this element, 520. Now, when one 

11 selects ("clicks on") Subnet 10, in 520, a sub-catalog 
□ 12 630 is displayed. Sub-catalog 630 is a list of network 
h p 9 13 elements within Subnet 10. Now, when one selects 

5 J § 

jij 14 ("clicks on") one of the network elements of catalog 

Ni 15 630, one is shown a sub:catalog, 640. In this case, 

ii 16 sub -catalog 640 is a list of applications executing on 

(33 17 that network element. Since, in general, network 

L 18 elements are not limited to traditional network 

Q 

m 19 equipment, but may also include hosts and clients, 

O 20 representation of additional relevant information is 

ffl 

"n 21 possible. For example, one could further select 

y3 22 (click -on) one of the applications and be shown a 

23 catalog, 650, (a list) of users of that application. 

24 Furthermore, one could select (click-on) a user and 

25 view usage statistics about that user. This process can 

26 continue to show more and more embedded information 

27 regarding a connection. . 

28 Now we consider an example of an initial configuration. 

29 It is noted that details of this step are generally 

30 implementation dependent and may also vary with the 

12 
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1 network type. Figure 7 shows a way to configure 

2 connectivity between two endpoints. In this simplified 

3 example, it is assumed that a user is trying to 

4 configure an IPSec based VPN and must specify the type 

5 of tunnel, the type of QoS and the user of the tunnel. 

6 The network administrator displays the catalogs of 

7 interest along the edges of the matrix, 300, and 

8 selects (clicks on) an intersection of endpoints within 

9 the matrix. This brings up, 710, which is a set of 

10 catalogs or lists which offer the connectivity 

11 attributes that can be or should be set or a wizard to 

12 aid in the choices of appropriate values for the 

13 attributes. 



fy 14 For illustration simplicity and clarity, the concept of 

.1 15 multiple connections between the same endpoints as 

q 16 noted above is not shown in the following 

ffl 17 illustrations. 

CP 18 In one embodiment, the steps for configuring are as 

!~ 19 shown in Figure 8 . 

20 Step 1. Select Logical Connection by "clicking on 11 

21 or selecting an intersection point 810. This 

22 brings up a "selection box" that contains fields 

23 for the pertinent information. 

24 [Thus, in the example of Figure 7, each 

25 direction 711, 712, is configurable 

26 separately so as to give meaning to the From, 

27 715, and To, 716, fields. It is assumed that 

28 the catalogs of tunnel types 713, QoS types 

13 
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714, and potential tunnel users have been 
previously populated. The question marks 720 
indicate fields that when selected, a 
"wizard" or catalog of possible values is 
displayed. For example, a wizard is displayed 
when the catalog of values is not complete or 
to help in selecting the value from a 
catalog. ] 

Step 2. For each field, select a value from a 
catalog of possible values, 820. 

Step 3. After selecting values for all fields, the 
user has completed the configuration for the 
connection between the two end points and the 
configuration is stored for retrieval and/or 
display as desired, 830. 

It is noted that all examples are only representative 
illustrations of the invention, and are not 
comprehensive enumeration of the fields that must be 
completed for configuration in a particular embodiment. 

An embodiment for changing configuration is shown in 
Figure 9. The same concept used for initial 
configuration is used for modifying an existing 
configuration. The steps are as follows: 

Step 1. Given a connection exists between two end 
points as shown by the intersection of an element 
from two matrix displayed catalogs, the user 
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1 selects that connection from the matrix 

2 intersection that represents the connection, 910. 

3 Step 2. Given the matrix intersection connection 

4 selection, the user changes the attributes of the 

5 connection by "clicking -on" that selection, 920. 

6 This brings up a selection block that contains 

7 changeable information. For example, this may be 

8 the same selection block that was used to 

9 configure the connection. The user clicks on a 

10 changeable field which results in the display of a 

11 catalog whose elements could be used in the field, 
p 12 or a wizard may become available to configure the 

13 field. 

i y 

/"-J 14 Because the elements that form axis of the matrix can 

s ~j 15 be catalogs in and of themselves, a matrix 

IB 16 intersection cells can represent a catalog of 

L 17 connections. This catalog of connections can operate in 

m 18 a way similar to the way shown in Figure 6. 

y 19 For example, assume a highest level catalog is named 

■2 20 east coast. It includes elements which are in and of 

^5 21 themselves catalogs, namely: Miami, Atlanta, Durham, 

22 and Hawthorn. Each of these includes elements which are 

23 in and of themselves catalogs. The Miami catalog has 

24 included elements, namely: router 1, router 2 router 3. 

25 Each of these included elements are catalogs that 

26 contain other included elements. Thus, router 1 catalog 

27 contains elements interface 1, subnet w.x.y.z, specific 

28 IP address a.b.c.d. and so on. 
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1 The phenomenon of embedding intersections within other 

2 intersections may continue as needed by the particular 

3 application and network. Thus one could begin with a 

4 lxl matrix of east coast verses east coast, which only 

5 has a single intersection cell. Selection of this 

6 single intersection cell, generates an expanded 

7 "submatrix" whose both axes contain cities, namely: 

8 Miami, Atlanta, Durham, Hawthorn. Selecting the 

9 intersection, Miami verses Miami, generates an expanded 

10 submatrix whose axis contains a list of routers, 

11 namely: router 1, router 2, router 3. Further, 

12 selecting the intersection, router 1 versus router 1, 
O 13 generates an expanded submatrix whose axis contains 

^ 14 network components, namely: interface 1, subnet 

n* 15 w.x.y.z, specific IP address a.b.c.d. One could then 

16 select any of these network component intersections, 

1=5 17 say interface 1 verse sujbnet w.x.y.z. This intersection 

IB 18 represents this particular connection of the many 

L 19 possible within the network. This operation is herein 

IIS 20 referred to as matrix expansion. Matrix expansion is 

u 21 used to satisfy the needs of the particular application 

IB 

s q 22 and/or user. It allows the systematic selection and 

^3 23 display of any of the available levels of embedded 

24 intersection cells. 

25 The concept of "matrix abstraction" may be employed 

26 with significant benefits in accordance with the 

27 present invention. This is because the matrix 

28 intersection of catalogs of catalogs represent a 

29 catalog of connections, one can abstract very large 

30 configurations and display these configurations by 

31 displaying the topmost catalog. The matrix 

16 
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1 representation of the topmost catalog is said to be 

2 abstracted from the main or total network matrix. 

3 Consider the case when a highest level catalog named 

4 east coast contains four elements. These four elements 

5 are in and of themselves sub -catalogs of cities, 

6 namely: Miami, Atlanta, Durham, Hawthorn. Assume that 

7 each of these cities have three elements. These three 

8 elements each further contain 3 elements which are in 

9 and of themselves sub -catalogs, 

10 [For example, the Miami catalog contains elements 

11 which are router sub - catalogs , namely: router 1, 
□ 12 router 2 router 3; 

HJ 13 each of these router sub -catalogs contain 3 

,1 14 network elements, e.g., the router 1 catalog 

q 15 contains network elements, namely: interface 1, 

'3 16 subnet w.x.y.z, specific IP address a.b.c.d.] 

111 17 Then the total number of elements represented by the 

!d 18 top-level catalog is 4x3x3=36 elements. This has a 

:fl 19 total of 1296 (36x36) connection possibilities which 

^3 20 may be displayed in a systematic manner using the 

21 representation of the present invention. All of these 

22 result from the single cell lxl matrix of east coast 

23 versus east coast as the specified starting point. 

24 Thus, because a user can arbitrarily form catalogs, 

25 which can also be catalogs of catalogs, the user can 

26 abstract the connections to any level desired in 

27 accordance with the present invention. 

17 
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1 A further benefit of the representation of the present 

2 invention is the concept of matrix inheritance* As 

3 noted, making use of the abstraction property, one 

4 defines a matrix with a row of one or more catalogs 

5 versus a column of one or more catalogs. Generally/ one 

6 or more of the catalogs includes elements that are in 

7 and of themselves sub - catalogs . The concept of 

8 inheritance provides the ability of propagating an 

9 inheritable action and/or attribute to an entire 

10 inheritance group. In one embodiment this is 

11 accomplished just by performing, adjusting or setting 

12 that action/attribute at a group parent. In alternate 
p 13 embodiments the action/attribute is inherited by 

14 performing, adjusting or setting that action/attribute 

jSj 15 at any group member. Thus, when an action (e.g. setting 

N 16 a parameter) is done at a intersection cell, then this 

-J 

^ 17 action is inherited by all elements of all the 

ib 18 sub -catalogs of catalogs in the entire inheritance 

L 19 group. 

* J 20 For instance, if the highest level catalog, named east 

21 coast, contains 4 elements which are in and of 

^0 22 themselves sub-catalogs > (named: Miami, Atlanta, 

23 Durham, Hawthorn) , and each of these contains 3 

24 elements which are in and of themselves sub - catalogs , 

25 (e.g., the Miami catalog contains router 1, router 2 

26 router 3), and each of these contains 3 elements, (e.g. 

27 the router 1 catalog contains elements interface 1, 

28 subnet w.x.y.z, IP address a.b.c.d) and a lxl matrix of 

29 east coast versus east coast was specified, any action 

30 done to the intersection formed by the lxl 

31 (single- cell) matrix (being the group parent) is 
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1 reflected into all the 1296 connections included within 

2 that single matrix cell. 

3 In accordance with the present invention, the matrix 

4 display concept can be used in the context of 

5 monitoring of all or some connections. Given that the 

6 intersections in the matrix can indicate connections, 

7 one can display many dynamic parameters of elements, 

8 connections and/or catalogs with the use of colors or 

9 symbols. As an illustration, one embodiment uses the 

10 following color scheme, applied at the intersection 

11 point of elements in the matrix catalogs, to display 

12 status about connections between elements in the 

13 catalogs: 

Black - connection is not currently configured; 
Yellow - connection is configured, but not 
currently enabled; 

Green - connection is configured, enabled and 
operating correctly; 

Red - connection is configured and enabled but not 
operating correctly (e.g. QoS not being 
maintained) ; and 

Flashing Red with sound - connection has a serious 
problem, e.g. a potential security violation such 
as hacker attempting to insert traffic into the 
connection has been detected. 

26 The different types for "monitoring" information that 

27 can be displayed is large and limited only by 

28 imagination of the implimentor. Other examples include 

29 performance or loading information, i.e. yellow - no 
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traffic observed in last observation period, green - 
medium loading, red - more than 85% utilization, 
flashing red - excessive packet loss. 

Figure 10 shows a black and white example of displaying 
monitored connections using different types of cross 
hatched lines for different status items. It shows the 
status indicated by the direction of the slash. 

1010 (No lines) - no connection configured; 

1020 (Grid slashes) - connection configured, but 
not enabled; 

1030 (Reverse slashes) - connection configured, 
enabled and operating correctly; 

1040 (Horizontal slashes) - connection configured, 
enabled but not operating correctly (e.g. QoS not 
being maintained) ; 

1050 (Vertical slashes) - hacker attempting to 
insert traffic into the connection. A BEEP 
indicates an audio alarm is sounded. 

It is noted that Figure 10 is only an illustration. It 
is not a comprehensive enumeration of the information 
that can be displayed. Furthermore, the monitoring and 
displaying functions are not limited to the 
connection, but can be extended to the resources that 
make up the connection or that constitute the end 
elements, etc. As known to those skilled in the art, 
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the concepts of this invention do not have a dependency 
on the type of information displayed. For example, it 
can be dynamic and/or static, fixed or variable, short 
form or long form, continuous or intermittent, etc. 

In accordance with the present invention, the 
connection representation concept is useful among other 
things, for identifying and solving network operation 
problems, tuning parameters of network elements and/or 
connections, and scheduling specific tasks that are 
triggered by events in the network or simply initiating 
them directly. This may include actions or tasks for a 
connections. Thus, since intersections in the matrix 
can indicate information about connections, one can be 
provided with an ability to select ("click on") an 
intersection and initiate an action or task. 

Example of actions or tasks include: 

• Retrieval of additional information/statistics 
(such as bytes/sec, size of frames, traffic 
rate ranked by sending address, etc.) 

• Take action (such as test connectivity between 
the endpoints, manually refresh the keys, halt 
traffic, etc.) 

• Tuning one or more connections (such as alter 
the QoS parameters, change the mix of traffic 
allowed through the connection, alter buffer 
sized, etc.) 

• Setting alarms, alerts and/or thresholds to use 
when monitoring a connection. 
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An example illustrating a problem determination process 
is shown in Figure 11. Figure 11 uses the connection 
matrix, 300. One selects an intersection and brings up 
a display, 910, that aids in problem determination or 
tuning. This could include the setting of thresholds, 
etc. 

An embodiment of the present invention performs 
modeling as shown in Figure 12. The figure shows steps 
for the matrix display being used as an input method 
for modeling tools. 

Step 1. Using the matrix method described 
above, 1210, one defines the network to be 
modeled, 1220, i.e., define the resources 
(endpoints) and the connectivity between 
resources ; 

Step 2. Given a matrix of connections, 300, one 
could select an intersection, 1230, and define 
the attributes, 1240, of the connection, i.e. 
maximum frame size, TCP/IP window size, etc. 
One could also define the attributes of the 
endpoint, i.e. buffer size, speed, etc.; 

Step 3. Given the matrix of connections and 
endpoints and their capabilities, one could 
then: 

• Define a work load to flow through the 
connection and/or between endpoints; 
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1 • Define the rate of traffic to flow 

2 through the connection; and/or 

3 • Define dynamic aspects of a flow 1250; 

4 Step 4 Run the model 1260; and 

5 Step 5 Display the results 1270. 

6 • One could display results in the same 

7 method as one monitors the network (see 

8 above) . 

9 • One could display results within the 
10 matrix or endpoints . 

hj 11 This method describes a way to represent relationships 

12 between entities. Given this representation, it then 

13 provides a framework to perform actions based on the 

14 relationship. The entities are often said to 

15 constitute a network of elements. The elements and the 

16 network can be quite generic. Examples include: 

17 • computer networks where the elements are 

18 communications devices such as routers or 

19 firewalls or combinations of devices; 

20 • networks based on any level in a protocol 

21 stack, such as applications connectivity at the 

22 application layer or MAC (Media Access Control) 

23 connectivity at the MAC layer; 
24 



: » 
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An example of an application is the 
representation of database applications that 
have connectivity between themselves; 

An example of a MAC layer are MAC address 
domains connected by LAN bridges . Other 
examples are known to those skilled in the art. 

• IP networks where elements are devices that 
contain an IP protocol stack; 

• Switching systems, including data or telephone 
systems ; 

• Water systems where the elements are the supply 
points and the usage points; and 

• Distribution systems where the elements are 
warehouses and retail stores. 

The representation method and framework consists of 
grouping the elements into catalogs or sets. A catalog 
is created by standard combinatorial operations that 
include but are not limited to the following: 

• add an element to a catalog; 

• delete an element from a catalog; 

• change an element in a catalog; 

• copy or move an element from another catalog; 
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• create a catalog that represents the 
intersection of elements of two or more other 
catalogs; 

• create a catalog that represents the union of 
elements of two or more other catalogs; and 

• other element and/or catalog operations known 
to those skilled in the art. 

There is generally no restriction on the number or type 
of elements in a catalog. 

Generally, an element in a catalog can be of one of two 
types : 

"atomic" element - the element does not contain 
other elements, or 

"catalog" element - the element is a catalog of 
other elements. 

In the following claims, both types of elements are 
generically referred to as elements. Thus catalog is 
a hierarchical grouping construct - a catalog is made 
up of elements, some of which can themselves be 
catalogs of other elements, and so on. It is noted 
that a catalog can contain both "catalog" elements and 
"atomic" elements with no restriction on the number of 
either type of elements. In the following, the 
elements that are members of a catalog that is itself 
an element within a higher level catalog can be 
referred to as "sub -elements" of the higher level 
catalog. 
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1 The representation of the interconnection (s) between 

2 the element (s) of catalogs is created by a matrix view 

3 in which catalog (s) 's elements are placed on the axis 

4 of the matrix. The matrix cells formed by intersection 

5 of the elements along rows and columns represent the 

6 connectivity relationship that exists between the pairs 

7 of elements. To those skilled in the art, alternate 

8 representations of a traditional row and column matrix 

9 can be used. In figure 13, one or more catalogs, 1310, 

10 whose members are {a, b, c, d} is placed on one axis of 

11 the matrix and one or more catalogs, 1320, whose 

p 12 members are {1, 2, 3} is placed on the other axis. 

;^ 13 The intersection of a pair of elements, 1330, 

ru 14 represents the connectivity between the elements. 

N 15 Elements are not required to be positionally 

j«l 16 dependent. For example, the connectivity of element b 

BJ 17 and element 3 is represented by the information 

L 18 contained in the intersection of pair of elements {b} 

S 19 and {3} . 

^ 20 Note that it is not a requirement that all 

'3 21 intersections represent connections, some intersections 

22 may represent no connections. The elements that are 

23 placed on one axis of the matrix can be identical to 

24 the elements on the other axis of the matrix or they 

25 can be different. Uniqueness is not required, either 

26 among the elements on the same axis or on different 

27 axis. This does not preclude making the elements 

28 unique or positionally dependent. If the matrix is 

29 too large to be practically displayed, a portion of the 

30 matrix can be displayed using typical scroll bar 
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1 


techniques or other methods known to those skilled in 




2 


the art. Alternatively, making use of the abstraction, 




3 


one could form a higher- level abstraction of the 




4 


elements by forming catalog element (s) that contains at 




5 


least a portion of the elements and displaying the 




6 


abstracted catalog elements. 




7 


If any of the element of a catalog are catalogs in and 




8 


of themselves, i.e., the element is called a catalog 




9 


element and it contains sub - elements , the intersection 




10 


within the matrix of a catalog element with either 




11 


another catalog element or an atomic element represents 




12 


both the catalog element and the atomic element 




13 


relationship abstraction and the sub -elements of that 


m 


14 


catalog element with the other elements. This can be 




15 


represented by another matrix, called a sub-matrix, 


Q 


16 


whose axis contain the sub -elements of the catalog 




17 


element and if present in the original matrix 




18 


non- catalog elements. It should be recognized within 




19 


this new sub -matrix, there may be intersections of 


= 3^? 

:"t=i 


20 


elements that are catalog elements and this process of 




21 


creating a new sub -matrix can be repeated. A 




22 


sub -matrix can be formed when, in the matrix there 




23 


exists a intersecting cell formed by either a catalog 




24 


element paired with another catalog element or atomic 




25 


element . 




26 


The matrix representation may also be made to represent 




27 


directionality of the connections between elements . 




28 


For example, it could be defined that the flow of 




29 


traffic within a connection orginates from the elements 



30 on one axis and terminated in the elements of the other 
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1 


axis. Further, if the same elements were placed on 




2 


both axes, except for the matrix diagonal, each pair of 




3 


pigments (one member of the nair from one axis, the 




4 


other member of the pair from the other axis) would be 




5 


represented twice, i.e., {a,b} and {b,a}. If the 




6 


matrix was constructed to represent directionality, 




7 


each pair would explicitly show the flow in one 




8 


direction, {a,b} from a to b and {b,a} from b to a. 




9 


If in the matrix, an element on an axis is in and of 




10 


itself a catalog, then the connection relationship 




11 


represented by a matrix intersection cell associated 




12 


with that catalog element applies to all sub -elements 


'=5? 


13 


represented by the catalog element. 


in 


14 


Catalogs do not have to be unique, either in their 


D 


15 


structure or their members, i.e., two or more catalogs 


IB 


16 


can have identical sets of elements. Furthermore, two 


H 


17 


catalogs may have only a portion of their elements that 


III 


18 


are identical. Also, when defining the matrix, the same 


5 


19 


catalog can be used for specifying elements on both the 




20 


axes or two catalogs can be used, one for each axis. In 


-S3. 


21 


the former case, obviously, elements on one axis are 




22 


*i c\&r\ t "i fa 1 tn thosp on thp oi"hpr Howpvpt thp samp 




23 


configuration will also result when two catalogs are 




24 


used that have identical composition. In general, 




25 


elements on the two axes of the matrix may have none, 




26 


some or all of the elements that are common depending 




27 


on how catalogs are chosen for the axis. 




28 


This method can be used to represent a wide variety of 




29 


networks used in communication, including virtual 
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1 networks and overlay networks . Virtual networks are 

2 often formed by logically partitioning a network f s 

3 physical connectivity to give the appearance of a 

4 physical network that is a logical subset of the real 

5 network. Overlay networks are sometimes synonymous 

6 with virtual networks, in that a logical network is 

7 "overlayed" onto a physical network or a portion of a 

8 physical network. More generally, an overlay network is 

9 an abstraction of a subset of the real network that is 

10 defined by availability of specific service. Examples 

11 of these types of networks include but are not limited 

12 to: 

Q 

jS 13 • IPSec networks which provide secure "tunnels" 

j|1 14 between points in the network, 

15 • Quality of Service (QoS or QOS) networks which 

q 16 attempt to provide a class or quality of 

ffl 17 service for the traffic between points in the 

q 18 network. 

m 19 • Multiprotocol Label Switching (MPLS) networks 

S 20 which use MPLS methods to set up paths through 

=0 21 the network. 

t,y 22 • Virtual LAN (VLAN) networks which form logical 

23 LAN (s) based on a subset of the connectivity 

24 available in the real physical LANs. 

25 This method can be used to configure all of the 

26 possible connections between the catalogs or it can be 

27 used to configure a portion of the connections. 
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1 This method can also be used to associate tasks with a 

2 connection. Any of tasks can be specified to be 

3 executed as a result of change in the state of a 

4 connection or at a predetermined time or on occurrence 

5 of some other event. Tasks can also be formed to 

6 modify themselves or other tasks. Once such tasks are 

7 assigned, it is also possible to directly invoke any of 

8 such tasks through manual intervention. For example, 





9 


• at a defined time or time period, one could 




10 


invoke a task that changed the attributes of 




11 


the connection, i.e. at 5:00 each day, all. 


.'.IKS. 


12 


traffic is blocked. 


ifl 

s JLi 


13 


• at a defined state or rate of change of state, 


rd 


14 


one could invoke a task that changed the 




15 


attributes of the connection, i.e., if the 


t 


16 


throughput of the connection exceeds "n", then 


19 


17 


lower the priority of all packets that traverse 


Q 


18 


the connection or if the rate of change of 


m 


19 


utilization of the link is greater than 5% per 


m 


20 


minute, activate another link between the 




21 


endpoints . 




22 


• at a given change in state, such as an 




23 


unauthorized attempt to access a resource or a 




24 


link failure, one could invoke a task that sent 




25 


an alert to network or system management entity 




26 


or cause a page or fax notification to be sent. 




27 


• as part of a diagnostic or maintenance test, 




28 


network administrator may manually invoke an 
assigned task, for example shutting down a 




29 




30 


router, or disabling a feature 
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(RSVP/IPSEC/Filtering) on a particular router 
interface. 

An element in a catalog (note that an element can be a 
catalog in and of itself) or the representation of the 
connection indicated by the intersection of elements 
can be an abstract entity. The element can represent 
an abstraction of physical or nonphysical items. 
Examples of physical items are routers, gateways, 
firewalls. Examples of nonphysical items include the 
IP addresses or IP subnets associated with a router, IP 
addresses or IP subnets proxied for by a router, groups 
of users, groups of addresses, attributes of 
connections or physical devices. Abstract elements 
also include offerings of services such as quality of 
service offerings, security offerings, assured delivery 
and expedited delivery offerings, controlled load 
services, and service level agreements. Abstract 
elements can include attributes such as tunnel validity 
periods, DES, triple DES, RC4, SHA, buffer size, 
maximum frame size, application type. Other examples 
are known to those skilled in the art. 

A method of displaying the connection relationships 
using a matrix has been discussed. In some cases, one 
will display the complete matrix, in others, one may 
display a portion of the matrix. Note that to those 
skilled in the art, there are other ways to display a 
matrix than the ones illustrated in this write-up. 

Given that the intersection of two elements is a 
representation of information either about the 
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1 


elements, their connectivity or some other relationship 




2 


that exists between the elements, one can also use the 




3 


same representation to aid in monitoring aspects of 




4 


this relationship. For example, if the intersection 




5 


represented a connection, one could display monitoring 




6 


information about the connection. This could be items 




7 


like the connection state (is the connection active?) , 




8 


the throughput of the connection, accounting 




9 


information such as how long the connection has been 




10 


active or if the throughput is or has exceeded the 




11 


committed information rate for the connection. Because 




12 


the intersection can be created when one or both of the 




13 


elements are catalogs in and of themselves, the 




14 


information represented by the intersection can 


\ y 


15 


represent an abstraction or summary of the information 


'=1.1 

\xf 


16 


for all or part of the elements that are contained in 


17 


the element that is in and of itself a catalog. For 




18 


example, if the two elements forming the intersection 


Hi 


19 


were East_Coast_Routers and West_Coast_Gateways , and 


IJ1 


20 


these elements were catalogs in and of themselves, each 


0 
m 


21 


containing some number of routers and gateways, the 


<0 


22 


intersection of the elements East_Coast_Routers and 




23 


P/est_Coast_Gateways could result in the display of a 




24 


monitoring of the number of bytes transferred between 




25 


the two elements (East_Coast_Routers and 




26 


F/est_Coast_Gateways) . This number of bytes would be 




27 


the sum of all bytes transferred between all routers 




28 


and gateways (all the sub -elements derived from the 




29 


elements East_Coast_Routers and &fest_Coast_Gateways) 




30 


that were represented or abstracted into the elements 




31 


Bast_Coast_J?outers and West_Coast_Gateways . 
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If there is one element in a catalog and multiple 
elements in another catalog, the resulting matrix can 
be said to represent a star network because the 
representation of the connectivity is between the one 
element and the multiple elements, a one -to -many 
topology. If there are multiple elements or there is an 
element that is in and of itself a catalog of elements 
in the catalogs that are positioned along the axis of 
the matrix, the resulting matrix can be said to 
represent a mesh network, because the representation of 
the connectivity is between multiple elements on each 
axis and there is a connection between each element on 
one axis to every element on the other axis. 

A wizard is a tool that aids a person doing a task. 
Wizards are used to create catalog elements or 
attributes associated with an element or group of 
elements. Wizards are also used to aid the creation or 
deletion of a connection or the modification of an 
attribute of the connection. For example, a wizard may 

• assist in organizing a catalog; 

• setting the initial values of attributes; 

• help by generating context sensitive templates 
for the elements or their attributes; 

• assist in defining the relationships between 
elements ; 

• setting the initial configuration between 
elements ; setting the ongoing relationship or 
configuration between elements; and 
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• and any other tasks known to those skilled in 
the art. 

When the matrix representation is formed, the 
connections between the elements can be initialized to 
connected by default. In a later configuration step, 
connections that are not desired can be removed. They 
may be removed by direct action or with the use of a 
wizard. Likewise, when the matrix representation is 
formed, the connections between the elements can be 
initialized to an unconnected state. In a later 
configuration step, connections that are desired can be 
added by direct action or with the use of a wizard. 
Likewise, when the matrix representation is formed, 
connections can be initialized by rule. For example, 
connections designated as primary may be formed, all 
others are not. Note that the use of a wizard to add 
or remove connections is not dependent on the 
initialization process. 

This invention has the property of inheritance, both at 
the element and at the connection representation 
levels. Thus, if an element is in an of itself a 
catalog, i.e. the element is formed from sub-elements, 
when an inheritable change is made to an element's 
attribute, the change is propagated or inherited by 
the sub-elements. For example, if a catalog had 
elements {A, B, C} and element A was a catalog 
containing {Al, A2, A3}. Then an inheritable change in 
A is propagated to Al, .A2 and A3. Because Al, A2 and 
A3 can be catalogs in and of themselves, the 
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sub-elements that compose them could also receive the 
change made by A. Because there is no restriction that 
a element must not be a -catalog, there is no 
restriction on the number of times this principle can 
be applied. Likewise, if a connection representation 
was formed from elements that are in and of themselves 
catalogs, changes in the connection representation are 
inherited by all connections representations that can 
be derived from the elements of the all the catalogs of 
catalogs. For example, assume the highest level 
catalog, named east_coast, contained 4 elements which 
were in and of themselves catalogs, named: Miami, 
Atlanta, Durham, Hawthorn, and each of these contained 
3 elements which were in and of themselves catalogs, 
e.g., the Miami catalog contained router_l , router _2 , 
router__3, and each of these contained 3 elements, e.g. 
the router_l catalog contained elements interface_l , 
subnet_w.x.y. z, IP_address_a. b. c . d. Now, if a lxl 
matrix of east_coast versus east_coast was specified 
and an action was done to that intersection formed by 
the lxl matrix, this action would cause a change in all 
connection representations that can be derived from the 
elements of the catalogs of catalogs. Examples of 
actions are the setting of a security policy or a 
quality of service. Other examples are known to those 
skilled in the art. In a similar manner, if an 
attribute of all derivable connection representations 
or elements was the same for all the connection 
representations or elements and an attribute of a 
connection representation or an element was changed, 
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this change could be reflected in the representation of 
the catalog element or the abstracted connection 
representation. For example, if the highest level 
catalog, named east_coast, contained 4 elements which 
were in and of themselves catalogs, named: Miami, 
Atlanta, Durham, Hawthorn, and each of these contained 
3 elements which were in and of themselves catalogs, 
e.g., the Miami catalog contained router_l, router_2 
router_3, and each of these contained 3 elements, e.g. 
the router__l catalog contained elements inter face_l , 
subnet__w. x. y. z , IP_address_a.b. c. d and a lxl matrix of 
east_coast versus east_coast was specified in which 
an attribute was the same for all derivable connections 
representations and one of the connections 
representation's attribute was changed (e.g, 
east__coast/router_l/interf ace_l was set to no 
connection), the catalog's representation (e.g., 
east_coast) could indicated that the attribute was not 
homogeneously applied to all of the derivable 
connections representations. In a converse manner, if 
an element was a catalog element containing 
sub-elements, all derivable sub-elements would inherent 
the attributes of their "patent" element. If an 
attribute was not to homogeneously applied (inherited 
by all sub-elements) to all elements, the catalog 
element representation could indicate that the 
attribute was not homogeneously applied to (inherited 
by) all derivable sub-elements. Note that a 
sub-element can itself be a catalog and contain 
sub-elements . 
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These techniques can be extended beyond the 
configuration and administration tasks to monitoring at 
least some portion of the network. In addition to 
attribute type information for elements or the 
representation of the connection, one can display 
monitoring information about the elements or the 
representation of the connection. For example, one 
could show, at the matrix intersection, the status of a 
connection. Examples of status include: whether the 
connection is active or not, the throughput of the 
connection, the number of dropped packets /frames due to 
a quality of service definition. One can also show 
status associated with the elements at the edge of the 
matrix. Examples of status include: number of frames 
transmitted, number of attempts by an unauthorized 
entity to access the element, average size of outbound 
buffer used, number of configured tunnels, number of 
active tunnels. Status can be dynamic or static. The 
monitored information may be displayed in the form of 
text, graphics or audio. Examples include a text that 
is color coded per the status information; for example, 
a correctly functioning connection may be displayed in 
a color, such as green, while a failed connection may 
be displayed in a color such as red. An intrusion 
attempt may cause an audible alarm. A change in the 
performance of a connection may be shown. Status for a 
connection could show a bar graph of the utilization of 
the connection by connection type. Many other examples 
of monitoring the status and methods of displaying the 
information are known to those skilled in the art. 
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# # 





1 


These techniques can be extended beyond the 




2 


configuration, administration and monitoring tasks to 




3 


modeling at least some portion of the network. Since 




4 


the matrix can be used to represent connectivity 




5 


between elements and the elements can be used to 




6 


represent workload that the connection will experience, 




7 


one can use the same network representation to model a 




8 


network. Attributes of a connection may be specified 




9 


at the intersection point. The attributes define the 




10 


type of service the connection offers, such as the 




11 


number of servers, the server's service time 




12 


distribution, and the maximum system capacity. 




13 


Attributes of a workload may include the size of the 


w 


14 


packet, the interarrival time distribution, and the 


ru 


15 


priority of the packet. Other attributes for the 


'"1-5 


16 


connection and workload are known to those skilled in 




17 


the art. One can form or derive the network to be 




18 


modeled from the configuration and/or monitoring 


o 


19 


methods previously discussed. One can also derive the 


iji 


20 


workloads from the monitoring steps previously 


Irs? 


21 


discussed. In this way, one can model an existing 


t 5 i £ 


22 


network and perform investigation based on real or 




23 


projected network loading and real or projected network 




24 


configuration. For example, given a network model 




25 


derived from the real network, one could apply 




26 


projected workloads to the "real" network and observe 




27 


the effects on the "real" network. Likewise, one 




28 


could, given workloads derived from monitoring the real 




29 


network, apply these "real" workload to a modified 




30 


network and observe the effects on the "real" workload. 




31 


One could also export or import information into/out of 




32 


the model . 
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This invention can be manufactured in a variety of 
forms, including but are not limited to: 

• web based methods in that web pages are used to 
create this invention. 

• Java based methods, 

• stand alone programs, 

• integrated into other existing programs. 

The invention can be implemented and/or distributed in 
a variety of forms, including: 

• diskettes, 

• disks, 

• CDs, 

• tape, 

• downloads from a server (including web based 
downloads) . 

• and/or other techniques known to those in the 
art. 

The invention may be implemented as a network apparatus 
comprising: a matrix module forming a network matrix 
having at least one matrix row element and at least one 
matrix column element, and a plurality of network 
catalogs. Each of the catalogs listing at least one 
network element. The intersection of each matrix row 
element with each matrix column element forms a matrix 
cell, Each network element of a first subset of 
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1 network catalogs has a connection requirement with each 

2 network element of a second subset of network catalogs. 

3 Each network element of the first subset of network 

4 catalogs forms the matrix row element. Each network 

5 element of a second subset of network catalogs forms 

6 the matrix column elements. Each matrix cell 

7 represents a network connection between each network 

8 element of the first catalog and each network element 

9 of the second catalog. 

10 In an embodiment at least one network element is a 

11 catalog of sub -elements, and/or at least one of the 

□ 12 sub -elements is another catalog of sub - elements . and/or 

flj 13 the matrix module further forms a network submatrix 

ry 14 having at least one submatrix row element and at least 

'/i 15 one submatrix column element. The intersection of each 

q 16 said at least one submatrix row element with each said 

,B 17 at least one sub -matrix column element forms a 

n 18 submatrix cell. Each network element of a third subset 

IJ* 19 of network catalogs has a connection requirement with 

H 20 each element of a fourth subset of network catalogs . 

IB 

\Q 21 Each element of the third subset of network catalogs 

'•3 22 forms a submatrix row element, and each network element 

23 of the fourth subset of network catalogs forms the 

24 submatrix column element. Each submatrix cell 

25 represents a network connection between each network 

26 element of the third catalog and each network element 

27 of the fourth catalog. 

28 In a further embodiment the apparatus includes an 

29 attribute modifier module to modify at least one 

30 changeable attribute of at least one cell. In some 
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cases the attribute modifier further causes an 
inheritable change to be inherited by a group of 
inheritors; and/or a first network element is a first 
proxy; a second element is a second proxy, and the 
attribute is setting a Quality of Service, and the step 
of causing causes the Quality of Service policy to be 
set at all elements included in the first and second 
proxies; and/or a first element is a catalog of 
sub -elements, the attribute is setting an encryption 
policy, and the step of causing causes the encryption 
policy to be set at all sub -elements of the first 
element. 

The invention may further be implemented as a method 
comprising: forming a network matrix having at least 
one matrix row element and at least one matrix column 
element; forming a matrix cell at each intersection of 
each matrix row element with each matrix column 
element; and forming a plurality of network catalogs; 
listing at least one network element in each of the 
catalogs; setting the network element of the catalogs 
to be the matrix row elements; setting a network 
element of at least one of the catalogs to be the 
matrix column elements, and forming a representation of 
a connection requirement of each respective matrix row 
element with each respective matrix column element 
which form each particular matrix cell by the 
particular matrix cell. 

In some embodiments of the method at least one matrix 

row element is a sub -catalog listing at least one 

sub -catalog network element; and/or the method further 
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1 


comprises including the sub -catalog network elements 




2 


within the matrix row elements; and/or at least one 




3 


matrix column element is a sub-catalog listing at least 




4 


one sub-catalog network element; and/or the method 




5 


further comprises including the sub -catalog network 




6 


elements within the matrix column elements; and/or the 




7 


method further comprises employing the representation 




8 


operations such as displaying, inheriting, configuring, 




9 


administering, monitoring, and/or modeling. 




10 


It is noted that the foregoing has outlined some of the 




11 


more pertinent objects and embodiments of the present 


o 


12 


invention. This invention may be used for many 




13 


applications. Thus, although the description is made 


fi 


14 


for particular arrangements and methods, the intent and 




15 


concept of the invention is suitable and applicable to 


O 


16 


other arrangements and applications. Even though the 




17 


embodiments and descriptions often refer to 


: a 


18 


communication networks, the invention is clearly useful 


m 


19 


for any type of network. Thus, it will be clear to 


"S3 1 

IE 


20 


those skilled in the art that other modifications to 




21 


the disclosed embodiments can be effected without 


?s 


22 


departing from the spirit and scope of the invention. 




23 


The described embodiments ought to be construed to be 




24 


merely illustrative of some of the more prominent 




25 


features and applications of the invention. Other 




26 


beneficial results can be realized by applying the 




27 


disclosed invention in a different manner or modifying 




28 


the invention in ways known to those familiar with the 




29 


art. 
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